Data protection and transparency.

We attach great importance to the transparency of how we handle personal data. This privacy policy provides information about what personal data we collect, for what purpose, and with whom we share it. To ensure a high level of transparency, this privacy policy is regularly reviewed and updated.

1. Which services we use

• WordPress

2. Contact information

If you have any questions or concerns about our privacy policy, you can contact us at any time by email at . The person responsible for data processing via this website is:

Armand Schmidlin
hello@armand.ch

Switzerland

3. General principles

3.1 What data do we collect from you and from whom do we receive this data

We primarily process personal data that you provide to us or that we collect when operating our website. We may also receive personal data about you from third parties. This may include the following categories:

• Personal master data (name, address, date of birth, etc.);
• Contact details (mobile phone number, email address, etc.);
• Financial data (e.g. account details);
• Online identifiers (e.g. cookie identifiers, IP addresses);
• Location and traffic data;
• Sound and image recordings;
• particularly sensitive data (e.g. biometric data or information about your health).

3.2 Under what conditions do we process your data?

We treat your data confidentially and in accordance with the purposes set out in this privacy policy. We ensure transparent and proportionate processing.

If, in exceptional circumstances, we are unable to comply with these principles, the data processing may still be lawful because a justification exists. Examples of justifications include:

• your consent;
• the execution of a contract or pre-contractual measures;
• our legitimate interests, unless your interests prevail.

3.3 How can you withdraw your consent?

If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of this consent unless we have another justification.

You have the option to revoke your consent at any time by sending an email to the address provided in the imprint. This does not affect data processing that has already taken place.

3.4 In which cases can we pass on your data to third parties?

a. Principle

We may rely on the services of third parties or affiliated companies and commission them to process your data (so-called processors). The recipient categories include:

• Accounting, trust and auditing companies;
• Consulting firms (legal advice, taxes, etc.);
• IT service providers (web hosting, support, cloud services, website design, etc.);
• Payment service providers;
• Providers of tracking, conversion and advertising services.

We ensure that these third parties and our affiliates comply with data protection requirements and treat your personal data confidentially.

We may also be required to disclose your personal data to authorities.

b. Visiting our social media channels

We may have embedded links to our social media channels on our website. You will be able to see this (typically via corresponding icons). Clicking on the icons will redirect you to our social media channels.

In this case, the social media providers will learn that you are accessing their platform from our website. The social media providers may use the data collected in this way for their own purposes. We would like to point out that we have no knowledge of the content of the transmitted data or how it is used by the operators.

c. Transfer abroad

Under certain circumstances, your personal data may be transferred to companies abroad as part of order processing. These companies are subject to the same data protection obligations as we are. The transfer may take place worldwide.

If the data protection level does not correspond to that of Switzerland, we will conduct a prior risk assessment and contractually ensure that the same level of protection is guaranteed as in Switzerland (e.g., through the new standard contractual clauses of the EU Commission or other legally prescribed measures). If our risk assessment is negative, we will implement additional technical measures to protect your data. You can access the EU Commission’s standard contractual clauses at the following link: https://commission.europa.eu/publications/standard-contractual-clauses-controllers-and-processors-eueea_de

3.5 How long do we keep your data?

We only store personal data for as long as necessary to fulfill the individual purposes for which the data was collected.

Data we store during your visit to our website is retained for twelve months. An exception applies to analytics and tracking data, which may be retained for a longer period.

We store contract data for a longer period because we are legally obligated to do so. In particular, we must retain business communications, concluded contracts, and accounting records for up to 10 years. If we no longer need such data from you to provide our services, the data will be blocked and used only for accounting and tax purposes.

3.6 How do we protect your data?

We will keep your information secure and take all reasonable steps to protect it from loss, access, misuse, or alteration.

Our contractual partners and employees who have access to your data are obligated to comply with data protection regulations. In some cases, it may be necessary for us to forward your inquiries to our affiliated companies. Even in these cases, your data will be treated confidentially.

On our website we use the SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser.

3.7 What rights do you have?

a. Right to information

You can request information about the data we have stored about you at any time. Please send your request for information along with proof of identity to hello@test.ch.

You also have the right to receive your data in a common file format if we process your data automatically and if:

• You have given your consent to the processing of this data; or
• You have disclosed data in connection with the conclusion or execution of a contract.

We may restrict or refuse to provide information or data if this conflicts with our legal obligations, our own legitimate or public interests, or the interests of a third party.

Your request will be processed within the statutory processing period of 30 days. However, we may extend this period due to high request volume, for legal or technical reasons, or because we require further information from you. You will be notified of the extension in a timely manner, at least in text form.

b. Deletion and rectification

You have the right to request the deletion or correction of your data at any time. We may reject your request if legal regulations require us to retain your data for a longer period or without changes, or if a legal basis conflicts with your request.

Please note that the exercise of your rights may conflict with contractual agreements and may have corresponding effects on the implementation of the contract (e.g. early termination of the contract or cost consequences).

c. Legal recourse

If you are affected by the processing of your personal data, you have the right to enforce your rights in court or to file a report with the competent supervisory authority. The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner: https://www.edoeb.admin.ch

3.8 Changes to the Privacy Policy

We may change this privacy policy at any time. The changes will be posted on our website, but you will not be notified separately.

4. Individual data processing operations

4.1 Providing the website and creating log files

What information do we receive and how do we use it?

When you visit our website, certain data is automatically stored on our servers or on servers of services and products we purchase and/or install for system administration, statistical or backup purposes, or for tracking purposes. This includes:

• the name of your Internet service provider;
• Your IP address (where applicable);
• the version of your browser software;
• the operating system of the computer with which the URL is accessed;
• the date and time of access;
• the website from which you visit URL;
• the search terms you used to find the URL.

Why are we allowed to process this data?

This data cannot be assigned to a specific person, and it is not merged with other data sources. Log files are stored to guarantee the functionality of the website and to ensure the security of our information technology systems. This is our legitimate interest.

How can you prevent data collection?

The data will only be stored for as long as necessary to achieve the purpose for which it was collected. Accordingly, the data will be deleted after each session. The storage of log files is essential for the operation of the website; therefore, you have no right to object.

BrainBox Generators

BrainBox Generators is a service provided by BrainBox Solutions GmbH that detects all privacy-relevant services on a website and, among other things, assists in the creation of the privacy policy. No personal data is collected or processed.